Security News > 2023 > February > NameCheap's email hacked to send Metamask, DHL phishing emails
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that attempted to steal recipients' personal information and cryptocurrency wallets.
The phishing campaigns started around 4:30 PM ET and originated from SendGrid, an email platform used historically by Namecheap to send renewal notices and marketing emails.
The phishing emails sent in this campaign are impersonating either DHL or MetaMask.
"We are writing to inform you that in order to continue using our wallet service, it is important to obtain KYC verification. KYC verification helps us to ensure that we are providing our services to legitimate customers," reads the MetaMask phishing email.
This email contains a marketing link from Namecheap that redirects the user to a phishing page pretending to be MetaMask.
If you received either a DHL or MetaMask phishing email tonight from Namecheap, immediately delete it and do not click on any links.
News URL
Related news
- U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails (source)
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)